The data over cable service interface specification (DOCSIS) does not fully address cable modem anti-cloning. The DOCSIS standard requires the cable modem device certificate's subject common name to contain the cable modem media access control (MAC) address. The baseline privacy interface plus (BPI+) authentication fails if a cable modem termination system (CMTS) detects that the common name in the cable modem device certificate does not match the device cable modem MAC address. DOCSIS recommends the policy for CMTS to enforce BPI+ on all cable modems. However, if a cable modem is fully cloned, that is to clone the entire non-volatile random-access memory (NVRAM) which contains both the device certificate and cable modem MAC address, then the DOCSIS anti-cloning recommendation will not be sufficient. The number of reported clones has been drastically increasing and Internet service providers (ISPs) have difficulties keeping up and dealing with clone devices. Therefore, a need exists for improving methods and systems for preventing cable modem cloning.
Like reference numbers and designations in the various drawings indicate like elements.